<email>mike@php.net</email>
<active>yes</active>
</lead>
- <date>2015-03-18</date>
+ <date>2015-04-24</date>
<version>
- <release>1.0.0</release>
+ <release>1.0.1</release>
<api>1.0.0</api>
</version>
<stability>
</stability>
<license>BSD, revised</license>
<notes><![CDATA[
-* Split off pecl_http
+* Fix bug where non-POST payloads with mixed case boundaries would not be parsed
]]></notes>
<contents>
<dir name="/">
<dir name="tests">
<file role="test" name="001.phpt"/>
<file role="test" name="002.phpt"/>
+ <file role="test" name="003.phpt"/>
</dir>
</dir>
</contents>
{
/* populate form data on non-POST requests */
if (SG(request_info).request_method && strcasecmp(SG(request_info).request_method, "POST") && SG(request_info).content_type && *SG(request_info).content_type) {
- char *ct_str = zend_str_tolower_dup(SG(request_info).content_type, strlen(SG(request_info).content_type));
- size_t ct_end = strcspn(ct_str, ";, ");
+ char *ct_str, *ct_dup = estrdup(SG(request_info).content_type);
+ size_t ct_end = strcspn(ct_dup, ";, ");
sapi_post_entry *post_entry = NULL;
- char delim;
- SG(request_info).content_type_dup = ct_str;
+ SG(request_info).content_type_dup = ct_dup;
- delim = ct_str[ct_end];
- ct_str[ct_end] = '\0';
+ ct_str = zend_str_tolower_dup(ct_dup, ct_end);
if ((post_entry = apfd_get_post_entry(ct_str, ct_end TSRMLS_CC))) {
zval *files = apfd_backup_files(TSRMLS_C);
- ct_str[ct_end] = delim;
-
if (post_entry) {
SG(request_info).post_entry = post_entry;
*/
apfd_update_files(files TSRMLS_CC);
}
+ efree(ct_str);
if (SG(request_info).content_type_dup) {
efree(SG(request_info).content_type_dup);
--- /dev/null
+--TEST--
+apfd - mixed case boundary
+--SKIPIF--
+<?php
+extension_loaded("apfd") or die("skip need apfd support\n");
+?>
+--PUT--
+Content-Type: multipart/form-data; boundary=----------------------------abcDEFG123
+------------------------------abcDEFG123
+Content-Disposition: form-data; name="LICENSE"; filename="LICENSE"
+Content-Type: application/octet-stream
+
+Copyright (c) 2011-2012, Michael Wallner <mike@iworks.at>.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+------------------------------abcDEFG123
+Content-Disposition: form-data; name="composer"; filename="composer.json"
+Content-Type: application/octet-stream
+
+{
+ "name": "m6w6/autocracy",
+ "type": "library",
+ "description": "http\\Controller preserves your autocracy",
+ "keywords": ["http", "controller", "pecl", "pecl_http"],
+ "homepage": "http://github.com/m6w6/autocracy",
+ "license": "BSD-2",
+ "authors": [
+ {
+ "name": "Michael Wallner",
+ "email": "mike@php.net"
+ }
+ ],
+ "require": {
+ "php": ">=5.4.0",
+ "pecl/pecl_http": "2.*"
+ },
+ "autoload": {
+ "psr-0": {
+ "http\\Controller": "lib"
+ }
+ }
+}
+
+------------------------------abcDEFG123
+Content-Disposition: form-data; name="user"
+
+mike
+------------------------------abcDEFG123--
+--FILE--
+<?php
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECTF--
+array(1) {
+ ["user"]=>
+ string(4) "mike"
+}
+array(2) {
+ ["LICENSE"]=>
+ array(5) {
+ ["name"]=>
+ string(7) "LICENSE"
+ ["type"]=>
+ string(24) "application/octet-stream"
+ ["tmp_name"]=>
+ string(%d) "%sphp%s"
+ ["error"]=>
+ int(0)
+ ["size"]=>
+ int(1340)
+ }
+ ["composer"]=>
+ array(5) {
+ ["name"]=>
+ string(13) "composer.json"
+ ["type"]=>
+ string(24) "application/octet-stream"
+ ["tmp_name"]=>
+ string(%d) "%sphp%s"
+ ["error"]=>
+ int(0)
+ ["size"]=>
+ int(550)
+ }
+}
projects / m6w6 / ext-apfd / commitdiff
